CISSP · Question #355
What capability would typically be included in a commercially available software package designed for access control?
The correct answer is A. Password encryption. Access control software packages are designed to manage and protect authentication credentials, with password encryption being a core and standard capability included in such solutions.
Question
What capability would typically be included in a commercially available software package designed for access control?
Options
- APassword encryption
- BFile encryption
- CSource library control
- DFile authentication
How the community answered
(38 responses)- A89% (34)
- B3% (1)
- C3% (1)
- D5% (2)
Why each option
Access control software packages are designed to manage and protect authentication credentials, with password encryption being a core and standard capability included in such solutions.
Password encryption is a fundamental capability of access control software because these packages must securely store and transmit user credentials to authenticate identities and grant or deny access. Encrypting passwords prevents unauthorized disclosure if the credential store is compromised. This is a universally expected feature in commercial access control products, aligning with security best practices such as hashing and salting stored passwords.
File encryption is a capability associated with data protection or rights management software, not specifically with access control packages, which focus on identity and authentication rather than encrypting data at rest.
Source library control is a feature of software configuration management (SCM) or version control systems, which manage code repositories and change tracking, and is unrelated to access control software functionality.
File authentication (verifying file integrity or origin) is a feature of integrity-checking or digital signature tools, not a standard capability bundled within commercial access control software packages.
Concept tested: Core capabilities of access control software packages
Source: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
Topics
Community Discussion
No community discussion yet for this question.